New Search

RHSA-2009:1530 -- firefox security update (Critical)

oval:org.mitre.oval:def:29230

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime (NSPR). A flaw was found in the way Firefox handles form history. A malicious web page could steal saved form data by synthesizing input events causing the browser to auto-fill form fields (which could then be read by an attacker). (CVE-2009-3370)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise Linux 5
Class:
patch
Reference(s):
  • RHSA-2009:1530
  • CVE-2009-0689
  • CVE-2009-1563
  • CVE-2009-3274
  • CVE-2009-3370
  • CVE-2009-3372
  • CVE-2009-3373
  • CVE-2009-3374
  • CVE-2009-3375
  • CVE-2009-3376
  • CVE-2009-3380
  • CVE-2009-3382
  • CVE-2009-3384
Product(s):
  • nspr
  • xulrunner
  • firefox